CVE-2014-2490
Oracle Java ResourceBundle Format String Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Vulnerabilidad no especificada en el componente Java SE en Oracle Java SE 7u60 y SE 8u5 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Hotspot.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of ResourceBundles. The issue lies in insufficient validation of user-supplied data when applying a ResourceBundle. An attacker can leverage this vulnerability to execute code under the context of the current process.
It was discovered that the Hotspot component in OpenJDK did not properly verify bytecode from the class files. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. A format string flaw was discovered in the Hotspot component event logger in OpenJDK. An untrusted Java application or applet could use this flaw to crash the Java Virtual Machine or, potentially, execute arbitrary code with the privileges of the Java Virtual Machine. Multiple improper permission check issues were discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions ,. Multiple flaws were discovered in the JMX, Libraries, Security, and Serviceability components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. It was discovered that the RSA algorithm in the Security component in OpenJDK did not sufficiently perform blinding while performing operations that were using private keys. An attacker able to measure timing differences of those operations could possibly leak information about the used keys. The Diffie-Hellman key exchange algorithm implementation in the Security component in OpenJDK failed to validate public DH parameters properly. This could cause OpenJDK to accept and use weak parameters, allowing an attacker to recover the negotiated key. This update is based on IcedTea version 2.5.1, which fixes these issues, as well as several others.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-03-13 CVE Reserved
- 2014-07-16 CVE Published
- 2024-08-06 CVE Updated
- 2025-04-03 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-134: Use of Externally-Controlled Format String
CAPEC
References (16)
| URL | Tag | Source |
|---|---|---|
| http://seclists.org/fulldisclosure/2014/Dec/23 | Mailing List |
|
| http://secunia.com/advisories/60129 | Third Party Advisory | |
| http://secunia.com/advisories/60485 | Third Party Advisory | |
| http://secunia.com/advisories/60812 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/534161/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/68645 | Vdb Entry | |
| http://www.securitytracker.com/id/1030577 | Vdb Entry | |
| http://www.vmware.com/security/advisories/VMSA-2014-0012.html | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://marc.info/?l=bugtraq&m=140852886808946&w=2 | 2022-05-13 | |
| http://security.gentoo.org/glsa/glsa-201502-12.xml | 2022-05-13 | |
| http://www.debian.org/security/2014/dsa-2980 | 2022-05-13 | |
| http://www.debian.org/security/2014/dsa-2987 | 2022-05-13 | |
| http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | 2022-05-13 | |
| https://access.redhat.com/errata/RHSA-2014:0902 | 2022-05-13 | |
| https://access.redhat.com/security/cve/CVE-2014-2490 | 2014-07-21 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1119597 | 2014-07-21 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Hp Search vendor "Hp" | Hp-ux Search vendor "Hp" for product "Hp-ux" | b.11.23 Search vendor "Hp" for product "Hp-ux" and version "b.11.23" | - |
Affected
| ||||||
| Hp Search vendor "Hp" | Hp-ux Search vendor "Hp" for product "Hp-ux" | b.11.31 Search vendor "Hp" for product "Hp-ux" and version "b.11.31" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 7.0 Search vendor "Debian" for product "Debian Linux" and version "7.0" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Jdk Search vendor "Oracle" for product "Jdk" | 1.7.0 Search vendor "Oracle" for product "Jdk" and version "1.7.0" | update60 |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Jdk Search vendor "Oracle" for product "Jdk" | 1.8.0 Search vendor "Oracle" for product "Jdk" and version "1.8.0" | update5 |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Jre Search vendor "Oracle" for product "Jre" | 1.7.0 Search vendor "Oracle" for product "Jre" and version "1.7.0" | update60 |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Jre Search vendor "Oracle" for product "Jre" | 1.8.0 Search vendor "Oracle" for product "Jre" and version "1.8.0" | update5 |
Affected
| ||||||